Promote this Nomination

Additional Info

Company (that provides the nominated product / solution / service)Denim Group
Company size (employees)70
Type of solutionSoftware

In 3 bullets, summarize why this product or service is different from the competition and deserves recognition:

• ThreadFix fully automates what used to be a manual process of collecting, communicating, and remediating sensitive application vulnerability information.
• ThreadFix automation accelerates application vulnerability remediation by 40% and provides the first-to-market capability to map dynamic to static scanning results.
• ThreadFix feeds application vulnerability data into GRC systems, providing executives, for the first time, unparalleled visibility into software risk for the organization.

Brief Overview

ThreadFix addresses the concern of fixing critical vulnerabilities in software applications by accelerating the process of software vulnerability remediation by up to 40%. This acceleration enables clients to build and deploy software faster while protecting sensitive customer data from the most sophisticated hackers.

ThreadFix aggregates vulnerability scanning results from a variety of disparate testing technologies to provide, for the first time, a common view of software vulnerabilities across the organization.

ThreadFix takes what used to be purely manual process and automates it, enabling software risk managers to quickly consolidate application vulnerability scan reports in a common console. The ThreadFix platform also provides application vulnerability data to leading IDE, defect trackers, and Governance, Risk and Compliance (GRC) tools to provide better executive level visibility into organization software risk.

ThreadFix is designed to give software risk managers the capability to have a common “pane of glass” for application security, and to elevate conversations on software risk with software development leaders.

Notably, ThreadFix has patent pending technology which can point to the exact line of source code responsible for an application vulnerability that has been identified by a dynamic security scan. This new capability and ThreadFix’s new IDE (integrated developer environment) plug-in bridges a challenging communications gap between security and software development teams that can dramatically simplify and accelerate the time-to-fix of critical application vulnerabilities.

ThreadFix also offers another groundbreaking new feature in the Enterprise edition which enhances compliance efforts, by providing dynamic scan orchestration capabilities. By offering a central facility that can store scan configurations for a variety of vendor scanner technologies, ThreadFix enables software risk managers to schedule vulnerability testing using multiple dynamic scanners without the need for human intervention at every step of the process.